package org.aurora.module.gateway.auth;

import cn.dev33.satoken.reactor.filter.SaReactorFilter;
import cn.dev33.satoken.router.SaRouter;
import cn.dev33.satoken.stp.StpUtil;
import cn.dev33.satoken.util.SaResult;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.context.annotation.Bean;

/**
 * SaTokenConfigure
 * <pre>
 * description:
 * create date: 2025-03-18 22:42:43
 * </pre>
 *
 * @author cao.yong
 */
@AutoConfiguration
public class SaTokenConfigure {

    @Bean
    public SaReactorFilter saReactorFilter() {
        return new SaReactorFilter()
            // 拦截地址
            .addInclude("/**")
            // 开放地址
            .addExclude("favicon.ico")
            .setAuth(auth -> {
                // 登录校验 -> 不包含登录访问 -> 其他访问必须进行登录
                SaRouter.match("/**").notMatch("/auth/login").check(staff -> StpUtil.checkLogin());
                // 认证服务请求验证
                SaRouter.match("/auth/**", r -> StpUtil.checkPermission("auth"));
            })
            .setError(this::getSaResult);
    }

    private SaResult getSaResult(Throwable e) {
        return SaResult.error(e.getMessage());
    }
}
